2.1

CVE-2006-5397

The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
X.OrgLibx11 Version1.0.2
X.OrgLibx11 Version1.0.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.36% 0.272
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://gitweb.freedesktop.org/?p=xorg/lib/libX11.git%3Ba=commit%3Bh=686bb8b35acf6cecae80fe89b2b5853f5816ce19
http://secunia.com/advisories/22642
Vendor Advisory
http://secunia.com/advisories/22749
http://www.mandriva.com/security/advisories?name=MDKSA-2006:199
http://www.securityfocus.com/bid/20845
http://www.vupen.com/english/advisories/2006/4289
https://bugs.freedesktop.org/show_bug.cgi?id=8699
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/29956